Less than 24 hours after news broke that Twitter might start charging verified users a fee to keep their status, cybercriminals have attempted to take advantage through a phishing email campaign.
According to TechCrunch, the campaign promoted users to post their usernames and passwords on a Google Doc sent from a Gmail account. The email also included a link to a Google Site. In reality, the cybercriminals hosted the page through Beget, a Russian web host. The information cybercriminals collected was enough to enter accounts that don’t use two-factor authentication, the publication reports.
Google has since removed the site. “Confirming we have taken down the links and accounts in question for violations of our program policies,” a Google spokesperson told TechCrunch.
The incident likely won’t be the only cybercrime involving verified accounts. At the time of writing, Twitter’s new owner has yet to announce any further details regarding the verification status after securing the platform for $44 billion last week.